Yesterday, researchers outlined a complicated way to crack the Google Wallet PIN used to make purchases with the smartphone-based payment system. Now there's a new hack that could let a stranger gain access to the funds of Wallet users.

Instead, all someone apparently has to do it clear the data for the Google Wallet app in the smartphone's application settings menu. The app is then reset and will prompt the person to enter a new PIN the next time it launches. Since the Google Wallet information is linked to the device and not to the actual account, a person can then use the Google prepaid card already tied to the device to gain full access to the owner's funds, explained The Smartphone Champ.

That one, however, required root access to the device, something that requires a certain amount of time, effort, and skill (or luck) to acquire. But the new hack can be performed by anyone within a matter of minutes.

In response to the hack, a Google spokesman sent CNET the following statement:

"We strongly encourage anyone who loses or wants to sell their phone to call Google Wallet support toll-free at 855-492-5538 to disable the prepaid card. We are currently working on an automated fix as well that will be available soon. We also advise all Wallet users to set up a screen lock as an additional layer of protection for their phone."

People who lose their phones can be especially vulnerable to a quick hack like this. So Android and Me further suggests that Google Wallet users install a security tracking app such as Lookout so they can locate the phone if it ever gets lost.

About the author

Journalist, software trainer, and Web developer Lance Whitney writes columns and reviews for CNET, Computer Shopper, Microsoft TechNet, and other technology sites. His first book, "Windows 8 Five Minutes at a Time," was published by Wiley & Sons in November 2012.
See full bio